Biometric payment

ABSTRACT

A biometric payment system device obtains a digital representation of a biometric, generates an abstract biometric identifier data structure using the digital representation of the biometric, receives a response from a biometric payment system based on a transmission of the abstract biometric identifier data structure, and completes a transaction based on the response. In some embodiments, a biometric payment system receives an abstract biometric identifier data structure from a biometric payment system device, generates a biometric template, determines an identity by providing the biometric template to a matching engine; and provides information associated with the identity to the biometric payment system device. In other embodiments, the biometric payment system determines a modality of the digital representation of the biometric, formats a biometric template for a matching engine, determines an identity using the matching engine, and provides information associated with the identity to the biometric payment system device.

CROSS-REFERENCE TO RELATED APPLICATION

This application is a non-provisional patent application of and claimsthe benefit to U.S. Provisional Patent Application No. 62/538,418, filedJul. 28, 2017, and titled “Biometric Payment;” U.S. Provisional PatentApplication No. 62/545,511, filed Aug. 15, 2017, and titled “BiometricPre-Identification;” and U.S. Provisional Patent Application No.62/550,179, filed Aug. 25, 2017, and titled “Biometric IdentificationSystem Connected Vehicle;” the disclosures of which are herebyincorporated herein by reference in their entirety.

FIELD

The described embodiments relate generally to biometrics. Moreparticularly, the present embodiments relate to biometric payment.

BACKGROUND

Biometric identification systems may identify people using biometrics.Biometrics may include fingerprints, irises, eyes, faces, voices, gaits,pictures, or other identifying characteristics about a person. Abiometric identification system may capture a biometric using abiometric reader and identify a person by comparing the capturedinformation against stored information. For example, a camera maycapture an image of a fingerprint and compare the image of thefingerprint against stored fingerprint images.

SUMMARY

The present disclosure relates to systems that use abstract biometricidentifiers (IDs). An abstract biometric ID may be a data structure thatis formatted in a way that is recognizable by devices in a biometricidentification system while being able to include one or more digitalrepresentations of biometrics and/or a variety of different informationregarding the digital representation of the biometric, what to do withthe digital representation of the biometric, and so on. By having avariety of different information in the uniform format of an abstractbiometric ID, a biometric identification system can use abstractbiometric ID data structures to provide a variety of different functionsfor a number of different applications to multiple different systems.The abstract biometric ID data structure may allow a biometricidentification system to perform biometric identification of any numberof biometrics and different types of biometrics. The abstract biometricID data structure may also allow a biometric identification system toperform various different functions for a number of different systems.All of this may be possible due to the biometric identification systembeing able to use anything that has been formatted according to theexpected abstract biometric ID data structure. Each requesting systemmay include whatever biometrics, specifications, and so on in theabstract biometric ID data structure and have the biometricidentification system be able to respond as long as the biometrics,specifications, and so on are properly formatted in the abstractbiometric ID data structure. This may allow the biometric identificationsystem to more efficiently provide biometric identification and/or otherservices while using less computational resources that would otherwisebe required to handle different kinds of requests. This may allow thebiometric identification system to perform a variety of differentfunctions that would otherwise not be possible due to needing separateentire system reconfiguration to add such functionality.

In various implementations, a biometric payment system device includesat least one non-transitory storage medium that stores instructions andat least one processor. The at least one processor executes theinstructions to obtain a digital representation of a biometric, generatean abstract biometric identifier data structure using the digitalrepresentation of the biometric, receive a response from a biometricpayment system based on a transmission of the abstract biometricidentifier data structure, and complete a transaction based on theresponse.

In some examples, the abstract biometric identifier data structureincludes the digital representation of the biometric. In variousexamples, the abstract biometric identifier data structure specifies atype of the digital representation of the biometric. In numerousexamples, the abstract biometric identifier data structure specifies atarget matching engine.

In various examples, the digital representation of the biometric is afirst biometric representation and the abstract biometric identifierdata structure includes the first biometric representation and a secondbiometric representation. In some such examples, the first biometricrepresentation is an image and the second biometric representation is adata structure. In various such examples, the first biometricrepresentation and the second biometric representation correspond todifferent types of biometrics.

In some implementations, a biometric payment system includes at leastone non-transitory storage medium that stores instructions and at leastone processor. The at least one processor executes the instructions toreceive an abstract biometric identifier data structure from a biometricpayment system device, the abstract biometric identifier data structuregenerated using a digital representation of a biometric; generate abiometric template corresponding to the digital representation of thebiometric from the abstract biometric identifier data structure;determine an identity by providing the biometric template to a matchingengine; and provide information associated with the identity to thebiometric payment system device.

In various examples, the information includes a validated age of aperson associated with the digital representation of the biometric. Insome examples, the information includes a verified identity of a personassociated with the digital representation of the biometric.

In numerous examples, the at least one processor communicates with apayment processing system. In some such examples, the information is aresult of the at least one processor communicating with the paymentprocessing system. In various such examples, the at least one processorcommunicates with the payment processing system to create a creditaccount for a person associated with the digital representation of thebiometric.

In some examples, the abstract biometric identifier data structureincludes a billing amount.

In numerous implementations, a biometric payment system includes atleast one non-transitory storage medium that stores instructions and atleast one processor. The at least one processor executes theinstructions to receive an abstract biometric identifier data structurefrom a biometric payment system device, the abstract biometricidentifier data structure generated using a digital representation of abiometric; determine a modality of the digital representation of thebiometric from the abstract biometric identifier data structure; formata biometric template for a matching engine using the abstract biometricidentifier data structure; determine an identity using the matchingengine; and provide information associated with the identity to thebiometric payment system device.

In some examples, the abstract biometric identifier data structure is afirst abstract biometric identifier data structure, the digitalrepresentation of the biometric is a first digital representation of afirst biometric, the biometric payment system device is a firstbiometric payment system device, the at least one processor is operableto receive a second abstract biometric identifier data structure from asecond biometric payment system device, and the second abstractbiometric identifier data structure is generated using a second digitalrepresentation of a second biometric. In some such examples, the firstdigital representation of the first biometric has a different modalitythan the second digital representation of the second biometric. Invarious such examples, the at least one processor uses a first matchingengine for the first digital representation of the first biometric and asecond matching engine for the second digital representation of thesecond biometric (and may determine the identity using a combination ofresults of the first and second matching engines). In numerous suchexamples, the first biometric is a fingerprint and the second biometricis at least a portion of a face.

BRIEF DESCRIPTION OF THE DRAWINGS

The disclosure will be readily understood by the following detaileddescription in conjunction with the accompanying drawings, wherein likereference numerals designate like structural elements.

FIG. 1 depicts an example system for biometric payment that includes apoint of sale or other device and/or credit card integration.

FIG. 2 depicts an example application programming interface clientinteraction for the system of FIG. 1.

FIG. 3 depicts an example application programming interface serverinteraction for the system of FIG. 1.

FIG. 4 depicts an example data structure that may be used for theabstracted biometric identifier in the system of FIG. 1.

FIG. 5 depicts an example process flow of the system of FIG. 1.

FIG. 6 depicts an example of matching engine abstraction that may beused in the present disclosure.

FIG. 7 depicts a first example method of biometric payment processing.

FIG. 8 depicts a second example method of biometric payment processing.

FIG. 9 depicts a third example method of biometric payment processing.

FIG. 10 depicts an example of functional relationships betweencomponents that may be used to implement the device and backend in thesystem of FIG. 1.

DETAILED DESCRIPTION

Reference will now be made in detail to representative embodimentsillustrated in the accompanying drawings. It should be understood thatthe following descriptions are not intended to limit the embodiments toone preferred embodiment. To the contrary, it is intended to coveralternatives, modifications, and equivalents as can be included withinthe spirit and scope of the described embodiments as defined by theappended claims.

The description that follows includes sample systems, methods,apparatuses, and computer program products that embody various elementsof the present disclosure. However, it should be understood that thedescribed disclosure may be practiced in a variety of forms in additionto those described herein.

Biometric identification systems are typically configured for a staticpurpose. Devices are set to communicate in a particular way for aparticular, static purpose. As part of that, the systems are typicallystatically configured to obtain a particular type of biometric in aparticular way, process that expected type of biometric, and performstatically configured actions based on that unchanging process.Biometric identification systems are typically not able to handlebiometric identification for different applications or systems,different types of biometrics, or perform different sets of actionsbased upon differing needs. Typically, changes (such as to the type ofbiometric, how to process the biometric, what to do upon identification)to the system necessitate reconfiguration of the entire system.

Further, biometric identification systems are typically limited in beingable to perform biometric identification for outside systems out ofprivacy concerns for biometric information. As it would be undesirableto allow unauthorized access to biometrics, biometrics are often notshared between internal and external systems. These kinds of concernslimit the flexibility, functionality, and efficiency of biometricidentification systems.

The following disclosure relates to systems that use abstract biometricidentifiers (IDs). An abstract biometric ID may be a data structure thatis formatted in a way that is recognizable by devices in a biometricidentification system while being able to include one or more digitalrepresentations of biometrics and/or a variety of different informationregarding the digital representation of the biometric, what to do withthe digital representation of the biometric, and so on. By having avariety of different information in the uniform format of an abstractbiometric ID, a biometric identification system can use abstractbiometric ID data structures to provide a variety of different functionsfor a number of different applications to multiple different systems.The abstract biometric ID data structure may allow a biometricidentification system to perform biometric identification of any numberof biometrics and different types of biometrics. The abstract biometricID data structure may also allow a biometric identification system toperform various different functions for a number of different systems.All of this may be possible due to the biometric identification systembeing able to use anything that has been formatted according to theexpected abstract biometric ID data structure. Each requesting systemmay include whatever biometrics, specifications, and so on in theabstract biometric ID data structure and have the biometricidentification system be able to respond as long as the biometrics,specifications, and so on are properly formatted in the abstractbiometric ID data structure. This may allow the biometric identificationsystem to more efficiently provide biometric identification and/or otherservices while using less computational resources that would otherwisebe required to handle different kinds of requests. This may allow thebiometric identification system to perform a variety of differentfunctions that would otherwise not be possible due to needing separateentire system reconfiguration to add such functionality.

In various embodiments, a biometric payment system device obtains adigital representation of a biometric, generates an abstract biometricidentifier data structure using the digital representation of thebiometric, receives a response from a biometric payment system based ona transmission of the abstract biometric identifier data structure, andcompletes a transaction based on the response. In some embodiments, abiometric payment system receives an abstract biometric identifier datastructure from a biometric payment system device, generates a biometrictemplate, determines an identity by providing the biometric template toa matching engine; and provides information associated with the identityto the biometric payment system device. In other embodiments, thebiometric payment system determines a modality of the digitalrepresentation of the biometric, formats a biometric template for amatching engine, determines an identity using the matching engine, andprovides information associated with the identity to the biometricpayment system device.

Various implementations relate to biometric payment systems. One or morebiometrics (such as one or more fingerprints, irises, eyes, faces,voices, gaits, pictures or other digital representations thereof,hashes, encodings thereof, combinations thereof, and so on) may beobtained by one or more biometric readers associated with an electronicdevice. An application programming interface (API), software developmentkit (SDK), or other software of the electronic device may create one ormore abstract biometric IDs based on the obtained biometric. The API maytransmit the abstract biometric ID directly or indirectly to a backendor other electronic device, such as via an encrypted connection. Thebackend may determine the modality (e.g., type) of the abstractbiometric ID, format the abstract biometric ID for a particular matcherbased on the determined modality, and provide the formatted abstractbiometric ID to the particular matcher. The matcher may identify aperson based on the formatted abstract biometric ID and provideinformation regarding the identification to the backend. The backend maythen communicate with the API and/or the associated electronic deviceand/or other devices to facilitate payment.

In this way, payment systems and/or associated devices may be moresecure, flexible, faster, and capable of performing more functions thanprior systems. Users may not be burdened with providing credit cards orother information for each and every purchase. Fraud may be reduced byrestricting payment methods to authorized users. A single system may beoperable to handle any number of different biometrics and/orcombinations thereof without using redundant components and/orresources.

Biometric payment may be facilitated by identifying a person whoprovided the biometric, obtaining and/or providing payment information,obtaining and/or providing biographical information for the person,obtaining and/or providing age validation for the person, obtainingand/or providing criminal check information for the person, obtainingand/or providing risk score information for the person, creating acredit account for the person, processing payment for a transaction, andso on. Various configurations are possible and contemplated.

These and other embodiments are discussed below with reference to FIGS.1-9. However, those skilled in the art will readily appreciate that thedetailed description given herein with respect to these Figures is forexplanatory purposes only and should not be construed as limiting.

The biometric payment technology of the present application may enableend users to pay for any good or service with or without carrying aphone or intermediary device. The present disclosure may abstract thebiometric ID process, creating an abstract biometric ID that may be animage, a data structure, a hash, or any mathematical or computer basedconstruct. The abstract biometric ID may represent any biometric type ormodality. For example, abstract biometric ID may represent a finger,face, voice, iris, or gait, and so on. This may give the abstractbiometric ID the ability to work with any hardware, any modality, ormultiple modalities at a single time.

The abstract biometric ID, which may be secure in itself, may be furthersecured through a multiple of protocols including dual certificationhttps, in-flight encryption, and non-redundant encryption. This may meanthat the abstract biometric ID may be encrypted in-flight usingdifferent protocols each time.

The abstraction technology of the present disclosure may allow theabstract biometric ID to be integrated with any matching engine. Abackend or other device that receives the abstract biometric ID maydetect the biometric type of the abstract biometric ID and format theabstract biometric ID accordingly to the proper template (e.g., a formatspecified for and/or appropriate to the particular matcher that matchesthat biometric type, the formatting putting the abstract biometric IDinto a form that the matcher can compare against a correspondingbiometric database) of one or many templates for singular or parallelprocessing (abstract data structure and so on).

In the case of multi-modal abstract biometric IDs (such as a combinationof a facial image, an iris, and a gait and/or any other such combinationof different biometric types), the backend may detect each of themodalities, and run each of the modalities through an appropriatematcher or matching engine. Through the prioritization of modalities,scores, and statistical combinatorics, the backend may determine a mostaccurate and/or likely match (e.g., identify the person associated withthe biometric).

An associated credit card or pre-existing payment instrument may or maynot be associated with biometric payment as disclosed herein. Optionsfor payment may include, but are not limited to, a credit card on file,a pre-existing credit balance, ACH, through credit based offlinepayments, the creation of a line of credit, and so on.

Upon transaction, the system discussed herein may simultaneously processpayments and validate any number of additional factors. These additionalfactors may include, but are not limited to, validating age data,financial risk, criminality, terrorism, credit risk, opening a line ofcredit, and so on. In some implementations, the system discussed hereinmay be operable to open a line of credit to process a payment that hasbeen otherwise declined.

Multiple biometric types may be accepted at a single point of contact.The backend may determine, using the same API call, which biometric typewas used. The biometric API may use the abstract identifier by itself.In such cases, no additional information or hints may be required.

The biometric payment system discussed herein may or may not use a pointof sale (POS) device or system. In some implementations, the system mayintegrate into commercial POS systems.

The biometric payment system may include libraries that enable the rapidreading and transmission of biometrics. Such libraries may be includedfor Android™, iOS™, Windows™, and/or other operating systems.

The system may perform credit risk checks. This may allow for offlinepayments.

By using a “centralized” backend (i.e., a single system that various POSor other devices may connect to for biometric payment, not necessarily asingle device as the backend may be one or more computing devices thatmay interact to perform the functions discussed herein such as one ormore cloud computing configurations, cooperative processingconfigurations, and so on) for identity verification, biometrics may beregistered once, in any location, and reused across differentecosystems. In other words, any number of different devices using theAPI or software may transmit abstract biometric IDs to the backendwithout people needing to separately register the associated biometricat each device.

The backend technology may retrieve biometric data from any repositoryof biometric information. In some cases, the backend may store such arepository. In other cases, the repository may be stored remotely.

The backend technology may distribute and/or limit credit card access toimprove security and maintain payment card industry (PCI) compliance.The backend technology may also distribute and/or limit access to otherpayment options, other private information for identified people, and soon.

FIG. 1 depicts an example system 100 for biometric payment that includespoint of sale or other device 101 and/or credit card integration. Usersmay enter one or more biometrics into any biometric reader 102 (such asone or more still image or video cameras, fingerprint scanners, and/orany other device that may be used to capture biometric information) of adevice 101. The device 101 may stand alone, be integrated into anon-premises POS, or be on a mobile device. There may be multiple devicespresent.

An API may reside in an application that is integrated into the device101 or connected devices. Examples of such devices 101 may include, butare not limited to, a point of sale device, a mobile device, tablet, orany other computer device. The API may receive the data from the device101 and may generate and send an abstracted, encoded biometricidentifier to a backend 103 or API gateway. This abstract biometric IDmay be of any form or structure (e.g., a hash and so on), may involveserialization or packetizing of a digital representation of thebiometric, and/or various other processing. The abstract biometric IDmay be unreadable on its own, may be of any modality (type ofbiometric), from any hardware. It may be sent via dual certificate HTTPSand on-the-fly unique encryption to the backend.

The backend 103 may decrypt the transmission, interpret the modality ormodalities of the data structure of the abstract biometric ID, anddynamically create templates or formats associated with any number ofmatchers or matching engines 104 that are compliant with the sentmodality or modalities. The matching engine 104 may execute on thebackend 103 and/or on another device with which the backend 103 isoperable to communicate.

The matching engine 104 may retrieve biometric information from anybiometric repository, including the backend's own repository. In thecase of multi-modal abstract biometric IDs, the backend 103 may detecteach of the modalities, run each of them through the proper matchingengine(s) 104 and through the prioritization of modalities, scores,statistical combinatorics, and so on, determine a most accurate and/orlikely match (e.g., identify a person associated with the biometric).

If the abstract biometric ID is identified, the abstract biometric IDmay be simultaneously and/or otherwise sent to a number of information,validation, and/or other services or servers 105 a-105 f. Such servicesor servers may include, but are not limited to, an age validationservice, a terrorist risk service, a criminality service, a wanted list,a credit check service, a payment engine, a line of credit accountvalidation service, and so on.

The API may return data (which may be received from the backend 103)that indicates one or all of the requested information. For example,requested information may include, but is not limited to, whether theindividual has an approved purchase, if they're of a specific age (suchas twenty-one for purchase of alcohol or gambling services), if theyhave a risk score that indicates either a criminal or terrorist riskfactor (e.g., money laundering), if they have an approved line ofcredit, and so on. This return may be formatted in a variety of ways.For example, the return may be itemized, with or without explanation, bea single decline with or without an explanation, be a risk score thatcan be assessed per merchant either through human intervention orthrough code written in the POS, and so on. The API may also returnresults, explanations, or codes based upon predefined rules, logic,algorithms, and so on.

FIG. 2 depicts an example application programming interface clientinteraction 200 for the system 100 of FIG. 1. It is understood that thisis provided for the purposes of example. In various implementations,other interactions may be performed, whether by an applicationprogramming interface client, other software, and so on.

210: Any biometric reader or device may be used. The device may bestand-alone, embedded in a mobile device, part of or attached to atablet, computer, point of sale system, and so on. Rapid biometric IDsmay be integrated in POS systems, including those based on Windows™,Android™, iOS™, and so on. The API may be included in an applicationthat is connected to the device or embedded in the device.

220: The technology discussed herein may be designed to abstract thebiometric ID process. This may create an abstract biometric ID that maybe an image, a data structure, a hash, or any mathematical or computerbased construct. The abstract biometric ID may represent any biometrictype or modality. Examples include, but are not limited to, a finger,face, voice, iris or gait. This may give the disclosed system theability to work with any hardware, any modality, or multiple modalitiesat a single time.

230: The abstract biometric ID, secure in itself, may be further securedthrough a multiple of protocols. This may include, but is not limitedto, dual certification https, in-flight encryption, non-redundantencryption, and so on. This may mean that the abstract biometric ID isencrypted in-flight using different protocols each time.

FIG. 3 depicts an example application programming interface serverinteraction 300 for the system 100 of FIG. 1. Again, it is understoodthat this is provided for the purposes of example. In variousimplementations, other interaction may be performed, whether by anapplication programming interface server, a backend, other devices, andso on.

340: The abstract biometric ID may be unencrypted and cast to the propermodality. In the case of multi-modal abstract biometric IDs, themodality of each may be detected.

350: The abstract biometric ID may then be converted to the propertemplate format for a matching engine(s) appropriate for the detectedmodality. Each abstract biometric ID may be run through the appropriatematching engine(s) and through the prioritization of modalities, scores,statistical combinatorics, and so on to determine the most accuratematch.

360: The person associated with the biometric may be identified. In somecases, a person may not be identified as the biometric may not have beenregistered with the system or the biometric repository. In such a casethe backend may return an error, prompt for an enrollment process,and/or perform various other actions related to a failed identification.

370: Prior to returning the identification, the abstract biometric IDmay be sent to various services or servers in order to return variousrequested or other information. Services or servers may include, but arenot limited to, a risk score, a credit account creation, payment engine,a criminal data check, and so on.

380: Return identification data and associated information. This may bereturned to the API, the device associated with the API, an associateddevice, and so on.

FIG. 4 depicts an example data structure 400 that may be used for theabstracted biometric identifier in the system 100 of FIG. 1. The datastructure may include a header 401. Such a header 401 may include amachine identifier, a biometric type, a specification of a targetingmatching engine(s), and so on. The data structure may also include abiometric object 402 or digital representation thereof, such as animage, data structure, blob, and so on. The data structure may alsoinclude a cast type 403, an object structure self-describing identifier404, metadata 405 (such as a time stamp, location, or the like), and soon.

FIG. 5 depicts an example process flow 500 of the system 100 of FIG. 1.As shown, software on the POS or other device 101 may perform variousactions related to the biometric. These may include analysis on thequality and type of the biometric, automatic capture based on highestquality, tagging with metadata for processing hints to the API, and soon.

The abstract biometric ID and/or other payload provided by the API mayinclude capture of one or more biometric modalities, billable amounts,biometric capture quality indications, biometric template and/orprocessing hints or directions, times of capture, device details, otherrelated metadata, and so on. The response may include identityconfirmation or rejection, age validation or rejection, payment approvalor rejection, risk score threshold approval or rejection, purchasethrottling (e.g., a limit on an amount of alcohol or other controlleditem that may be purchased in a particular time frame), and so on.

As shown, identity determination may use the formatted abstractbiometric ID, template, or other processed version of the abstractbiometric ID to determine identity using a number of different methods501-503. A first method 501 may be a high fidelity modality method. Insuch a method 501, the identity determination may determine and extractbiometrics and then perform identification through a matching engine104.

A second method 502 may be a mixed modality method. In such a method502, biometrics may be determined and extracted from a higher fidelitymodality or higher quality biometric, a first identification may beperformed through a matching engine 104 associated with the determinedand extracted biometric, and a remaining modality or modalities may beused to perform a second identification from a reduced gallery resultingfrom the first identification (such as where a facial recognition isused as a first identification to generate a reduced biometric galleryfor comparison of irises).

A third method 503 may be an intelligent gallery reduction method. Insuch a method 503, biometrics may be determined and extracted; metadata,hints, and caller information may be used to generate a limitedbiometric gallery for comparison, and the determined and extractedbiometric may be identified against the generated limited biometricgallery for increased matching accuracy.

It is understood that this first method 501, second method 502, andthird method 503 are provided for the purpose of example. Identitydetermination may be performed using a variety of different methodswithout departing from the scope of the present disclosure.

As further illustrated, an identity service 505 may provide biographicalinformation retrieval, age validation, risk analysis, and so on. Apayment gateway 506 may provide functions such as payment processing,payment throttling (e.g., limits to the amount of money that may becharged to various payment accounts whether within a particular timelimit or in general), and so on.

Again, it is understood that the example process flow 500 of FIG. 5 isprovided for the purposes of example. In various implementations, thesystem 100 of FIG. 1 and/or other systems or devices that use varioustechniques of the present disclosure may perform a variety of differentprocesses with various process flows without departing from the scope ofthe present disclosure.

For example, an example system may identify a person based on abiometric as discussed above. A backend may store payment informationfor the person. In some implementations, the backend may store actualpayment account identifiers, such as credit card numbers, that thebackend may pass (and/or interact with the API or associated device topass) to a payment processing system. In other implementations, thebackend may store an identifier that may be provided to a payment systemto identify an actual payment account identifier stored by the paymentsystem, thus isolating the backend from actual payment accountidentifiers. In still other implementations, the backend may be operableto pass the determined identity to a payment processing system which mayitself determine actual payment account identifiers based on theprovided identity. Regardless, as a result in such examples, the returnmay include a confirmation of whether or not payment has been accepted.

In various implementations of such cases, the payment processing systemmay provide a response that payment is declined. In such a case, thebackend may be operable to communicate with one or more systems todetermine if the person is a sufficient credit risk to create a newpayment account and process payment using the new payment account. Insuch a case, the new payment account may be created using informationobtained using the determined identity such as a name of the person, asocial security number of the person, an address of the person, anannual income of the person, and so on.

In some implementations, a POS may attempt to prevent payment fraud byobtaining a risk score for a person in addition to processing payment.In such an implementation, the backend may communicate with variousservers to determine a risk score for the person that indicates a riskof whether or not there could be a problem with the person's payment.For example, a person could have a valid credit card, but may frequentlydispute charges. This may be indicated to the POS, which may decline thetransaction even if it is possible to process payment.

In numerous implementations, the products related to the biometricpayment may require some kind of validation based on the person'sidentity. For example, purchase of alcohol may be limited to people whoare twenty-one years of age or older. By way of another example,purchase of firearms may be limited to people who have not beenconvicted of a violent crime. By way of another example, a person may berequired to have a valid driver's license in order to rent anautomobile. As part of biometric payment, the backend may communicatewith various servers to verify the person's age, criminal background,license status, and/or other information in order to validate thetransaction based on the determined identity of the person.

In various implementations, purchase of certain kinds of cold remediesmay be tracked by authorities. As part of biometric payment, the backendmay communicate with various servers to determine that the person hasnot exceeded an amount of allowable product that the person canpurchase, is not barred from purchasing such products, and so on. Thebackend may also update various servers that monitor purchase of suchproducts so that data regarding such products purchased by the personare up to date.

In some implementations, the backend may be configured to perform anumber of different processes, such as one or more of the above. Ratherthan receiving an abstract biometric identifier and then providing aresponse, the backend may interact with the API and/or the associateddevice in order to determine whether or not to perform various otheractions besides determining identity, such as payment processing, agevalidation, credit account creation, risk score determination, criminalcheck, obtaining biographical information, and so on.

In numerous implementations, the techniques disclosed herein may be usedfor processes other than biometric payment. For example, the biometricidentification discussed above may be used to identify a person andvalidate their age for purposes of entry into a casino, bar, or otherage-restricted area, as a prerequisite for providing the person alcoholor other age restricted products in a non-payment situation, and so on.Various configurations are possible and contemplated without departingfrom the scope of the present disclosure.

FIG. 6 depicts an example of matching engine abstraction 600 that may beused in the present disclosure. This may be performed by the backend 102discussed with respect to FIGS. 1-3. As illustrated, the abstractbiometric ID 400 may be provided to a matching engine gateway 601. Thematching engine gateway 601 may provide the abstract biometric ID 400 toone or more adapters 602 associated with a particular matching engine104 (e.g., a software development kit or API associated with theparticular matching engine). The adapter associated with the particularmatching engine 104 may format the abstract biometric ID and/orinformation contained therein into a template 603 or format that theparticular matching engine 104 is configured to work with. The template603 may then be provided to the particular matching engine 104, whichmay then perform matching on the template to determine the identity ofthe person associated with the abstract biometric ID 400 from which thetemplate 603 was generated.

For example, the matching engine gateway 601 may provide an abstractbiometric ID 400 associated with the face of a person to a facialmatching engine adapter 602 associated with a matching engine 104provided by Innovatrics™. By way of another example, the matching enginegateway 601 may provide an abstract biometric ID 400 associated with theface of a person to a facial matching engine adapter 602 associated witha matching engine 104 provided by Chui™. By way of still anotherexample, the matching engine gateway 601 may provide an abstractbiometric ID 400 associated with the face of a person to a facialmatching engine adapter 602 associated with a matching engine 104provided by Rank One Computing™. By way of yet another example, thematching engine gateway 601 may provide an abstract biometric ID 400associated with the fingerprint of a person to a fingerprint matchingengine adapter 602 associated with a matching engine 104 provided byInnovatrics™. In still another example, the matching engine gateway 601may provide an abstract biometric ID 400 associated with the fingerprintof a person to a fingerprint matching engine adapter 602 associated witha matching engine 104 provided by BioMoRF Systems Limited™. In yetanother example, the matching engine gateway 601 may provide an abstractbiometric ID 400 associated with the iris of a person to an irismatching engine adapter 602 associated with a matching engine 104provided by FotoNation™.

FIG. 7 depicts a first example method 700 of biometric paymentprocessing. The first example method 700 may be performed using thesystem 100 of FIGS. 1-3. For example, the first example method 700 maybe performed by the device 101.

At 710, a biometric may be obtained. At 720, an abstract biometric IDmay be generated based on the biometric. At 730, the abstract biometricID may be sent to a backend or other device.

At 740, it is determined whether or not a response is received. If not,the flow proceeds to 750 where a response is waited for beforedetermining again whether or not a response is received at 740.Otherwise, the flow proceeds to 760 where the transaction may becompleted based on the received response.

In various examples, this example method 700 may be implemented as agroup of interrelated software modules or components that performvarious functions discussed herein. These software modules or componentsmay be executed by one or more computing devices. For example, thesesoftware modules or components may be executed by the device 101.

Although the example method 700 is illustrated and described asincluding particular operations performed in a particular order, it isunderstood that this is an example. In various implementations, variousorders of the same, similar, and/or different operations may beperformed without departing from the scope of the present disclosure.

For example, 710 is illustrated and described as obtaining a biometric.However, in various implementations, a digital representation of abiometric may be obtained. Various configurations are possible andcontemplated without departing from the scope of the present disclosure.

In various embodiments, a biometric payment system device may include atleast one non-transitory storage medium that stores instructions and atleast one processor. The at least one processor may execute theinstructions to obtain a digital representation of a biometric, generatean abstract biometric identifier data structure using the digitalrepresentation of the biometric, receive a response from a biometricpayment system based on a transmission of the abstract biometricidentifier data structure, and complete a transaction based on theresponse.

In some examples, the abstract biometric identifier data structure mayinclude the digital representation of the biometric. In variousexamples, the abstract biometric identifier data structure may specify atype of the digital representation of the biometric. In numerousexamples, the abstract biometric identifier data structure may specify atarget matching engine.

In various examples, the digital representation of the biometric may bea first biometric representation and the abstract biometric identifierdata structure may include the first biometric representation and asecond biometric representation. In some such examples, the firstbiometric representation may be an image and the second biometricrepresentation may be a data structure. In various such examples, thefirst biometric representation and the second biometric representationmay correspond to different types of biometrics.

FIG. 8 depicts a second example method 800 of biometric paymentprocessing. The second example method 800 may be performed by the system100 of FIGS. 1-3. For example, the first example method 700 may beperformed by the backend 103 of the system 100 of FIGS. 1-3.

At 810, an abstract biometric ID may be received (such as from the APIof FIGS. 1-3). At 820, a modality of the abstract biometric ID may bedetermined. At 830, the abstract biometric ID may be formatted for anappropriate matching engine based on the determined modality. At 840,the identity may be determined using the formatted abstract biometric IDand the appropriate matching engine. The flow then proceeds to 850 whereinformation based on the determined identity may be returned (such as tothe API of FIGS. 1-3).

In various examples, this example method 800 may be implemented as agroup of interrelated software modules or components that performvarious functions discussed herein. These software modules or componentsmay be executed by one or more computing devices. For example, thesesoftware modules or components may be executed by the backend 103 of thesystem 100 of FIGS. 1-3.

Although the example method is illustrated and described as includingparticular operations performed in a particular order, it is understoodthat this is an example. In various implementations, various orders ofthe same, similar, and/or different operations may be performed withoutdeparting from the scope of the present disclosure.

For example, 840 is illustrated and described as determining theidentity of a person associated with the abstract biometric ID bymatching biometric information in the formatted abstract biometric IDwith stored biometric information using the appropriate matching engine.However, in some cases, the abstract biometric ID may be associated witha person for whom no biometric information is stored. In such asituation, it may instead be concluded that identity cannot beascertained. In some implementations, this may trigger presentation ofan opportunity to enroll the person in a biometric identificationsystem.

In numerous embodiments, a biometric payment system may include at leastone non-transitory storage medium that stores instructions and at leastone processor. The at least one processor may execute the instructionsto receive an abstract biometric identifier data structure from abiometric payment system device, the abstract biometric identifier datastructure generated using a digital representation of a biometric;determine a modality of the digital representation of the biometric fromthe abstract biometric identifier data structure; format a biometrictemplate for a matching engine using the abstract biometric identifierdata structure; determine an identity using the matching engine; andprovide information associated with the identity to the biometricpayment system device.

In some examples, the abstract biometric identifier data structure maybe a first abstract biometric identifier data structure, the digitalrepresentation of the biometric may be a first digital representation ofa first biometric, the biometric payment system device may be a firstbiometric payment system device, the at least one processor may beoperable to receive a second abstract biometric identifier datastructure from a second biometric payment system device, and the secondabstract biometric identifier data structure may be generated using asecond digital representation of a second biometric. In some suchexamples, the first digital representation of the first biometric mayhave a different modality than the second digital representation of thesecond biometric. In various such examples, the at least one processormay use a first matching engine for the first digital representation ofthe first biometric and a second matching engine for the second digitalrepresentation of the second biometric (and may determine the identityusing a combination of results of the first and second matchingengines). In numerous such examples, the first biometric may be afingerprint and the second biometric may be at least a portion of aface.

FIG. 9 depicts a third example method 900 of biometric paymentprocessing. The third example method 900 may be performed by the system100 of FIGS. 1-3. For example, the first example method 700 may beperformed by the backend 103.

At 910 an abstract biometric ID may be received (such as from the API ofFIGS. 1-3). At 920, the abstract biometric ID may be converted to atemplate based on a modality of the abstract biometric ID. At 930, aperson may be identified based on running the template through acorresponding matching engine. At 940, it may be determined whether ornot to obtain other information based on the determined identity (suchas payment information, biographical information, age validation,criminal checks, credit account creation, risk score, and so on). Ifnot, at 950 a response based on the determined identity may be sent(such as to the API of FIGS. 1-3). Otherwise, the flow proceeds to 960.

At 960, after it is determined to obtain other information based on thedetermined identity, the determined identity may be provided to one ormore other servers. At 970, information may be received related to theprovided identity. At 980, the information may be added to the responsethat is sent at 950.

In various examples, this example method 900 may be implemented as agroup of interrelated software modules or components that performvarious functions discussed herein. These software modules or componentsmay be executed by one or more computing devices. For example, thesesoftware modules or components may be executed by the backend 103 of thesystem 100 of FIGS. 1-3.

Although the example method 900 is illustrated and described asincluding particular operations performed in a particular order, it isunderstood that this is an example. In various implementations, variousorders of the same, similar, and/or different operations may beperformed without departing from the scope of the present disclosure.

For example, 940-960 is illustrated and described as obtaining the otherinformation from one or more other servers and including the otherinformation in response. However, it is understood that this is anexample. In various implementations, the other server may responddirectly and the other information may not be included in the response.Various configurations are possible and contemplated without departingfrom the scope of the present disclosure.

In some embodiments, a biometric payment system may include at least onenon-transitory storage medium that stores instructions and at least oneprocessor. The at least one processor may execute the instructions toreceive an abstract biometric identifier data structure from a biometricpayment system device, the abstract biometric identifier data structuregenerated using a digital representation of a biometric; generate abiometric template corresponding to the digital representation of thebiometric from the abstract biometric identifier data structure;determine an identity by providing the biometric template to a matchingengine; and provide information associated with the identity to thebiometric payment system device.

In various examples, the information may include a validated age of aperson associated with the digital representation of the biometric. Insome examples, the information may include a verified identity of aperson associated with the digital representation of the biometric.

In numerous examples, the at least one processor may communicate with apayment processing system. In some such examples, the information may bea result of the at least one processor communicating with the paymentprocessing system. In various such examples, the at least one processormay communicate with the payment processing system to create a creditaccount for a person associated with the digital representation of thebiometric.

In some examples, the abstract biometric identifier data structure mayinclude a billing amount.

Aspects of the present disclosure may be performed by one or moredevices, such as one or more computing devices, that may be configuredas part of a system. For example, one or more computing devices thatperform one or more aspects of this disclosure may be part of a cloudcomputing system, cooperative computing arrangement, and so on. Suchdevices may include one or more processing units, one or morenon-transitory storage media (which may take the form of, but is notlimited to, a magnetic storage medium; optical storage medium;magneto-optical storage medium; read only memory; random access memory;erasable programmable memory; flash memory; and so on), and/or othercomponents. The processing unit may execute one or more instructionsstored in the non-transitory storage medium to perform one or moreprocesses that utilize one or more of the techniques disclosed hereinfor biometric payment.

For example, FIG. 10 depicts an example 1000 of functional relationshipsbetween components that may be used to implement the device 101 andbackend 103 in the system 100 of FIG. 1. The device 101 may include oneor more processing units 1001 or other processors or controllers,biometric readers 102 (which may be incorporated into and/or external tothe device 101), communication units 1002, non-transitory storage media1003, and so on. The processing unit 1001 may execute instructionsstored in the non-transitory storage medium 1003 in order to performvarious functions. Such functions may include, but are not limited to,obtaining biometric information using the biometric reader 102, creatingone or more abstract biometric IDs, communicating with the backend 103using the communication component 1002, receiving transaction requests,processing transaction requests, and so on.

Similarly, the backend 103 may include one or more processing units 1005or other processors or controllers, communication units 1006,non-transitory storage media 1007, and so on. The processing unit 1005may execute instructions stored in the non-transitory storage medium1007 in order to perform various functions. Such functions may include,but are not limited to, communicating with the device 101 and/or one ormore servers 105 a-f using the communication component 1006, receivingone or more abstract biometric IDs, determining the modality of anabstract biometric ID, formatting an abstract biometric ID for amatching engine, converting an abstract biometric ID to a template,determining identity using an abstract biometric ID, returninginformation, and so on.

The present disclosure recognizes that biometric and/or other personaldata is owned by the person from whom such biometric and/or otherpersonal data is derived. This data can be used to the benefit of thosepeople. For example, biometric data may be used to conveniently andreliably identify and/or authenticate the identity of people, accesssecurely stored financial and/or other information associated with thebiometric data, and so on. This may allow people to avoid repeatedlyproviding physical identification and/or other information.

The present disclosure further recognizes that the entities who collect,analyze, store, and/or otherwise use such biometric and and/or otherpersonal data should comply with well-established privacy policiesand/or privacy practices. Particularly, such entities should implementand consistently use privacy policies and practices that are generallyrecognized as meeting or exceeding industry or governmental requirementsfor maintaining security and privately maintaining biometric and/orother personal data, including the use of encryption and securitymethods that meets or exceeds industry or government standards. Forexample, biometric and/or other personal data should be collected forlegitimate and reasonable uses and not shared or sold outside of thoselegitimate uses. Further, such collection should occur only afterreceiving the informed consent. Additionally, such entities should takeany needed steps for safeguarding and securing access to such biometricand/or other personal data and ensuring that others with access to thebiometric and/or other personal data adhere to the same privacy policiesand practices. Further, such entities should certify their adherence towidely accepted privacy policies and practices by subjecting themselvesto appropriate third party evaluation.

Additionally, the present disclosure recognizes that people may blockthe use of, storage of, and/or access to biometric and/or other personaldata. Entities who typically collect, analyze, store, and/or otherwiseuse such biometric and and/or other personal data should implement andconsistently prevent any collection, analysis, storage, and/or other useof any biometric and/or other personal data blocked by the person fromwhom such biometric and/or other personal data is derived.

As described above and illustrated in the accompanying figures, thepresent disclosure relates to systems that use abstract biometricidentifiers (IDs). An abstract biometric ID may be a data structure thatis formatted in a way that is recognizable by devices in a biometricidentification system while being able to include one or more digitalrepresentations of biometrics and/or a variety of different informationregarding the digital representation of the biometric, what to do withthe digital representation of the biometric, and so on. By having avariety of different information in the uniform format of an abstractbiometric ID, a biometric identification system can use abstractbiometric ID data structures to provide a variety of different functionsfor a number of different applications to multiple different systems.The abstract biometric ID data structure may allow a biometricidentification system to perform biometric identification of any numberof biometrics and different types of biometrics. The abstract biometricID data structure may also allow a biometric identification system toperform various different functions for a number of different systems.All of this may be possible due to the biometric identification systembeing able to use anything that has been formatted according to theexpected abstract biometric ID data structure. Each requesting systemmay include whatever biometrics, specifications, and so on in theabstract biometric ID data structure and have the biometricidentification system be able to respond as long as the biometrics,specifications, and so on are properly formatted in the abstractbiometric ID data structure. This may allow the biometric identificationsystem to more efficiently provide biometric identification and/or otherservices while using less computational resources that would otherwisebe required to handle different kinds of requests. This may allow thebiometric identification system to perform a variety of differentfunctions that would otherwise not be possible due to needing separateentire system reconfigurations to add such functionality.

In the present disclosure, the methods disclosed may be implemented assets of instructions or software readable by a device. Further, it isunderstood that the specific order or hierarchy of steps in the methodsdisclosed are examples of sample approaches. In other embodiments, thespecific order or hierarchy of steps in the method can be rearrangedwhile remaining within the disclosed subject matter. The accompanyingmethod claims present elements of the various steps in a sample order,and are not necessarily meant to be limited to the specific order orhierarchy presented.

The described disclosure may be provided as a computer program product,or software, that may include a non-transitory machine-readable mediumhaving stored thereon instructions, which may be used to program acomputer system (or other electronic devices) to perform a processaccording to the present disclosure. A non-transitory machine-readablemedium includes any mechanism for storing information in a form (e.g.,software, processing application) readable by a machine (e.g., acomputer). The non-transitory machine-readable medium may take the formof, but is not limited to, a magnetic storage medium (e.g., floppydiskette, video cassette, and so on); optical storage medium (e.g.,CD-ROM); magneto-optical storage medium; read only memory (ROM); randomaccess memory (RAM); erasable programmable memory (e.g., EPROM andEEPROM); flash memory; and so on.

The foregoing description, for purposes of explanation, used specificnomenclature to provide a thorough understanding of the describedembodiments. However, it will be apparent to one skilled in the art thatthe specific details are not required in order to practice the describedembodiments. Thus, the foregoing descriptions of the specificembodiments described herein are presented for purposes of illustrationand description. They are not targeted to be exhaustive or to limit theembodiments to the precise forms disclosed. It will be apparent to oneof ordinary skill in the art that many modifications and variations arepossible in view of the above teachings.

What is claimed is:
 1. A biometric payment system device, comprising: atleast one non-transitory storage medium that stores instructions; and atleast one processor that executes the instructions to: obtain a digitalrepresentation of a biometric; generate an abstract biometric identifierdata structure using the digital representation of the biometric;receive a response from a biometric payment system based on atransmission of the abstract biometric identifier data structure; andcomplete a transaction based on the response.
 2. The biometric paymentsystem device of claim 1, wherein the abstract biometric identifier datastructure includes the digital representation of the biometric.
 3. Thebiometric payment system device of claim 1, wherein the abstractbiometric identifier data structure specifies a type of the digitalrepresentation of the biometric.
 4. The biometric payment system deviceof claim 1, wherein the abstract biometric identifier data structurespecifies a target matching engine.
 5. The biometric payment systemdevice of claim 1, wherein: the digital representation of the biometricis a first biometric representation; and the abstract biometricidentifier data structure includes the first biometric representationand a second biometric representation.
 6. The biometric payment systemdevice of claim 5, wherein: the first biometric representation is animage; and the second biometric representation is a data structure. 7.The biometric payment system device of claim 5, wherein the firstbiometric representation and the second biometric representationcorrespond to different types of biometrics.
 8. A biometric paymentsystem, comprising: at least one non-transitory storage medium thatstores instructions; and at least one processor that executes theinstructions to: receive an abstract biometric identifier data structurefrom a biometric payment system device, the abstract biometricidentifier data structure generated using a digital representation of abiometric; generate a biometric template corresponding to the digitalrepresentation of the biometric from the abstract biometric identifierdata structure; determine an identity by providing the biometrictemplate to a matching engine; and provide information associated withthe identity to the biometric system payment device.
 9. The biometricpayment system of claim 8, wherein the information includes a validatedage of a person associated with the digital representation of thebiometric.
 10. The biometric payment system of claim 8, wherein theinformation includes a verified identity of a person associated with thedigital representation of the biometric.
 11. The biometric paymentsystem of claim 8, wherein the at least one processor communicates witha payment processing system.
 12. The biometric payment system of claim11, wherein the information comprises a result of the at least oneprocessor communicating with the payment processing system.
 13. Thebiometric payment system of claim 11, wherein the at least one processorcommunicates with the payment processing system to create a creditaccount for a person associated with the digital representation of thebiometric.
 14. The biometric payment system of claim 8, wherein theabstract biometric identifier data structure includes a billing amount.15. A biometric payment system, comprising: at least one non-transitorystorage medium that stores instructions; and at least one processor thatexecutes the instructions to: receive an abstract biometric identifierdata structure from a biometric payment system device, the abstractbiometric identifier data structure generated using a digitalrepresentation of a biometric; determine a modality of the digitalrepresentation of the biometric from the abstract biometric identifierdata structure; format a biometric template for a matching engine usingthe abstract biometric identifier data structure; determine an identityusing the matching engine; and provide information associated with theidentity to the biometric payment system device.
 16. The biometricpayment system of claim 15, wherein: the abstract biometric identifierdata structure comprises a first abstract biometric identifier datastructure; the digital representation of the biometric comprises a firstdigital representation of a first biometric; the biometric paymentsystem device comprises a first biometric payment system device; the atleast one processor is operable to receive a second abstract biometricidentifier data structure from a second biometric payment system device;and the second abstract biometric identifier data structure is generatedusing a second digital representation of a second biometric.
 17. Thebiometric payment system of claim 16, wherein the first digitalrepresentation of the first biometric has a different modality than thesecond digital representation of the second biometric.
 18. The biometricpayment system of claim 16, wherein the at least one processor uses: afirst matching engine for the first digital representation of the firstbiometric; and a second matching engine for the second digitalrepresentation of the second biometric.
 19. The biometric payment systemof claim 18, wherein the at least one processor determines the identityusing a combination of results of the first and second matching engines.20. The biometric payment system of claim 16, wherein: the firstbiometric comprises a fingerprint; and the second biometric comprises atleast a portion of a face.